基于区块链的联盟信任分布式认证在电力行业的应用探索

Application Exploration of Blockchain-based Distributed Authentication wtih Alliance Trust in Power Industry

电力业务快速发展使其网络安全边界不断扩大,而电力业务系统大多停留在中心化身份或联盟身份阶段,难以应对海量接入、异构认证、频繁交互等新需求。首先,文中提出适用于电力行业的基于区块链的联盟信任分布式认证体系。然后,从网络架构、用户身份控制和隐私保护3个角度分析该体系的适用性,阐述其体系架构及运行机制。该体系设计了联盟数字身份,并按照共识和隐私保护策略将身份信息存储在分布式身份账本中,提供数字身份的全生命周期管理,实现身份数据的跨域安全共享和自主控制以及用户的跨域身份认证。最后,针对充电桩充电生态圈、电网人员安全管理、电力供应链金融3个行业场景面临的身份认证瓶颈,提出了基于该体系的解决思路。

The rapid development of electric power business has led to the expansion of its network security boundary.However,while most of electric power business systems stay at the stage of centralized identity or federated identity,which is difficult to meet new demands such as massive access,heterogeneous authentication,and frequent interaction.First,this paper proposes a blockchain-based distributed authentication system with alliance trust applicable to the power industry.Then,this paper analyzes the applicability of the system from three perspectives:network architecture,user identity control,and privacy protection.Its system architecture and operation mechanism are elaborated.The alliance digital identity is designed,and the identity information is stored in the distributed identity ledger according to the consensus and privacy protection policies.The full lifecycle management of digital identity is provided,and the cross-domain secure sharing and autonomous control of identity data as well as the crossdomain identity authentication of users are realized.Finally,the solution ideas based on this system are proposed to address the identity authentication bottlenecks faced by three industry scenarios:charging ecosystem of charging piles,safety management of power grid personnel,and power supply chain finance.